Blog Posts

Steps to enable modern authentication for Skype for Business Online

This article is applicaple to Office 365 only. EG Skype for Business Online with no hybrid or premise connectivity. The following technet wiki was used to understand the configuration: https://social.technet.microsoft.com/wiki/contents/articles/34339.skype-for-business-online-enable-your-tenant-for-modern-authentication.aspx Per service state of modern authentication by default for Office 365: •    Skype for Business Online - OFF...

24 June, 2017 / 0 Comments

Trio8800 admitted into lobby when using a ‘private’ meeting

The following has been verified as a bug in the latest Trio FW 5.4.5.9188 build. The previous FW 5.4.5.9111 also exhibits the same behavior. Wether a private or public SfB meeting is used the expected behavior is the meeting room should be admitted to the...

31 May, 2017 / 0 Comments

Disable Certificate Check SfB

Windows Registry Editor Version 5.00   [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL] "EventLogging"=dword:00000001 "ClientAuthTrustMode"=dword:00000002...

21 May, 2017 / 0 Comments

Prince2 Methodology

Each of the 7 processes are shown by the large coloured rectangles. These are: Directing a Project, Starting Up a Project, Initiating a Project, Controlling a Stage, Managing a Stage Boundary, Managing Product Delivery and Closing a Project. The diagram above shows the 7 PRINCE2 processes....

18 March, 2017 / 0 Comments

SfB\Lync Passive Authentication – Resource Forest Topology

18 March, 2017 / 0 Comments

McAfee AV Skype for Business bug

Symptom: The Front End service would not start due to incorrectly placed certificates in the Trusted Root container. This script https://gallery.technet.microsoft.com/LyncSkype4B-Certificate-81944851 was used to check the certificate containers and two root certificates were found incorrectly placed in the Trusted Root container. Example output:- Resolution: The below registry...

18 March, 2017 / 0 Comments

Edge Server Hardening for SSL

To resolve the Poodle vulnerability and harden the Edge Server download and install the following tool from Nartac Software https://www.nartac.com/Products/IISCrypto/Download After installing select ‘best practices’ and apply the suggested fixes. The keys will be written to the following path: “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control \SecurityProviders\SCHANNEL\Protocols” Browse to Qualys SSLs checker and scan the Edge...

17 March, 2017 / 0 Comments

Skype for Business Split Brain

Summary: After initiating a successful failover of the Central Management Store and Pool failback of the CMS failed. The topology reported the CMS as being homed on the primary pool, but the Get-CsManagementStoreReplicationStatus –CentralManagementStoreStatus cmdlet reported the CMS as still being on the backup pool....

17 March, 2017 / 1 Comment

Whitelisting Skype for Business URLs when using the BlueCoat Unified Agent and Direct Access

Summary: The topology consisted of Skype for Business Server deployed alongside Direct Access. To preserve call quality ALL SfB traffic was not be tunnelled by DA or any other solution that deployed a VPN secure tunnel as did the Blue Coat Unified Agent.   The following article...

17 March, 2017 / 0 Comments

SfB OpenOTP MFA integration using Passive Authentication

SfB OpenOTP MFA integration using Passive Authentication The following is supplemental to the WebADM Install Guide only. Server specification Ubuntu 12.04 was used for the integration using a Basic_A1 (1 core, 1.75 GB memory) VM. The server was installed manually to support installation of OpenOTP in Azure. Otherwise...

10 October, 2016 / 0 Comments